In December 2022, the Council of the European Union agreed to reinforce their AML/CFT framework with a strengthened anti-money laundering rulebook, with a renewed focus on digital assets and transaction limits. A new directive (AMLD6) will be introduced. 

As Zbyněk Stanjura, Minister for Finance of Czechia, stated, "Terrorists and those who finance them are not welcome in Europe. In order to launder dirty money, criminal individuals and organisations had to look for loopholes in our existing rules, which are already quite strict. But our intention is to close these loopholes further and to apply even stricter rules in all EU member states." 

This follows the Commission's presentation of a package of legislative proposals in July 2021, consisting of: 

  • A regulation establishing a new EU anti-money laundering authority with the power to impose sanctions and penalties; 
  • A regulation recasting the regulation on the transfer of funds to make the transfer of crypto-assets more transparent and traceable
  • A regulation on AML requirements for the private sector, and 
  • A directive on AML mechanisms. 

What the new rulebook contains

Perhaps the most noticeable change to the current rulebook is that existing AML/CFT rules will be extended to the crypto sector. All crypto-asset service providers (CASPs) must conduct due diligence about their customers during onboarding and when carrying out transactions amounting to €1000 or more. Measures must be added to mitigate risks related to transactions with self-hosted wallets, and additional enhanced due diligence measures must be carried out for cross-border correspondent relationships. 

Anti-money laundering measures 

Jewellers, horologists and goldsmiths, as well as persons trading in precious metals, stones and cultural goods, will also be subject to the obligations of the regulation as these industries are often used by money launderers to obscure the source of illicitly gained funds. 

The EU also aims to make it significantly harder for criminals to launder money by setting an EU-wide maximum limit of €10,000 for cash payments. Member states may lower this limit if they choose to do so. 

Grey and black lists 

Third countries that appear on the FATF's (Financial Action Task Force) grey list and black list will now be listed accordingly by the EU as well. The Commission will not be required to redo the identification process carried out by the FATF to ensure that lists are timeously transcribed and to avoid wasting resources. Once third countries appear on one of the lists, the EU will apply appropriate measures according to the risk posed by the country. 

Beneficial ownership rules

The Council decided to make beneficial ownership rules more transparent and harmonious. The Council has clarified that beneficial ownership is determined by two components, namely ownership and control, which need to be analysed in order to identify natural persons who are the beneficial owners of the legal entity. 

The Council has also introduced related rules applicable to multi-layered ownership and control structures, which are often used to obfusticate financial institutions carrying out due diligence checks. The Council provided much-needed guidance for identifying and verifying the identity of beneficial owners across various entities, including non-EU entities. Data protection and record retention provisions have been clarified to make the work of authorities easier and faster. 

EU members must ensure that any natural or legal person with a legitimate interest in the information held in beneficial ownership registers has access to the data, including journalists and civil society organizations interested in the prevention and combating of money laundering and terrorist financing.

What this means for crypto companies

Crypto-assets service providers are required to collect and store information identifying people involved in crypto transactions and must hand the information over to authorities conducting investigations into such transactions. While tracking requirements will not be imposed on private, unhosted wallets, individual identities may be tied to transactions or even blocked as the flow of cryptocurrencies can now be traced the same way that money transfers are in the EU using fiat currency. 

For example, an Ethereum transaction between MetaMask wallets will not be subject to AML checks, but if someone interacts with a service provider like FTX or Coinbase, the new rules will apply. If the transaction exceeds €1,000, the service provider must identify the owner of the private wallet being used. 


The new rules will ensure that financial institutions and service providers are not inadvertently facilitating transactions involving organisations under economic sanction or that will lead to terrorist financing or money laundering. 

It's essential that all financial institutions adopt a robust AML/CFT framework which includes sanctions and PEP screening, in order to stay compliant, especially cryptocurrency organizations that have faced increased scrutiny and harsh regulatory fines in recent months. 

If you need assistance for your Sanctions & AML screening, get in touch with our team at Our team of experts can provide advice, insight and the correct tools to implement a screening process based on your risk appetite and requirements.